General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

SSL Weak CBC Mode Vulnerability

Our box was scanned by Qualys and the SSL VPN portal cames up with the following message:

If possible, upgrade to TLS v1.1 or TLS v1.2. If upgrading is not possible, then disabling CBC mode cipher will remove the vulnerability.

Any ideas how to disable

...

u5273 by Not applicable
  • 1839 Views
  • 2 replies
  • 0 Likes

Advantages of Virtual Systems...

...What are the advantages of using Virtual Systems, other than being able to divide Management and Reporting of "Virtual" firewalls.  In my case, I have a DMZ, Wireless, Trust and Untrust networks connected to a PA 5020.  Should I split up the DMZ a

...

jambulo by L4 Transporter
  • 3313 Views
  • 4 replies
  • 0 Likes

Resolved! BGP Configuration Clarification Needed

I am new to BGP. I am attempting to configure BGP as layed out in the following documentation with the Active/Passive configuration. I've been given an AS number and a block of /24 from ARIN. Step 2 under "Configuration for the Active/Passive Pair"

...

Unknown user after install and configure UI Agen

Dear All,

     My PAN is 500 with 4.1.6 OS. I just migrate PAN agent to UI agent with version 4.1.6-5.  After installation and configuration, I check the user-mapping the result show as following;

> show user ip-user-mapping all

IP              Ident. B

...

AD Groups in Firewall Policy - Inconsistent Behaviour

I have two issues with managing firewall policies when using AD groups; running 4.1.7 - so am using the 'on-hardware' group retrieval rather than the PAN Agent.

1) When adding new groups to be mapped they do not appear in the GUI i.e. cannot be select

...

apackard by L4 Transporter
  • 2221 Views
  • 4 replies
  • 0 Likes

Resolved! How to cancel screen output in CLI ?

Very silly question, so I apologise now..

How do you cancel the screen output in CLI... for example I show the running configuration, there's about 500 pages of it, and I dont want to sit mashing the space bar for 20 minutes!

I've tried all the usual s

...

Dpeters1 by L2 Linker
  • 2179 Views
  • 2 replies
  • 0 Likes

Production Code Recommendations

I am getting ready to move two 5050s into production and would like to know what release code to start with based on your recommendations. I assume that 4.1.10 would be the best choice, but 5.0 has been out for a little while now. I normally wait for

...